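We are migrating our code from Spring 4.2.1 AS and Spring Security 3.2.9 to JBoss Wildfly 10.0.0 and Spring Security 4.0.4.
I ran into the following problem integrating the Spring Security JaasAuthenticationProvider with a JBoss Wildfly 10 security domain defined in standalone.xml: it does not execute the LoginModules defined in my security domain; in fact, the only thing it seems to find is the ClientLoginModule defined in the auth.conf of the Wildfly 10.0.0 picketbox-4.9.4.jar (by default).
My security domain configuration looks like this: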
<security-domain name="mysecdomain" cache-type="default">
<authentication>
<login-module code="LdapExtended" flag="sufficient">
<module-options.../>
</login-module>
</authentication>
</security-domain>
And the JaasAuthenticationProvider in the application context of my deployed application:
<bean id="jaasAuthenticationProvider" class="org.springframework.security.authentication.jaas.JaasAuthenticationProvider">
<property name="loginConfig" value="WEB-INF/login.conf" />
<property name="loginContextName" value="mysecdomain"/>
<property name="callbackHandlers">
<list>
<bean class="org.springframework.security.authentication.jaas.JaasNameCallbackHandler" />
<bean class="org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler" />
</list>
</property>
<property name="authorityGranters">
<list>
<bean class="com.my.MyAuthorityGranter" />
</list>
</property>
</bean>
But when I execute the defined jaasAuthenticationProvider, it writes the following to Wildfly's server.log:
2016-04-27 03:37:18,367 TRACE [org.jboss.security] (default task-4) PBOX00221: Begin getAppConfigurationEntry(mysecdomain), size: 1
2016-04-27 03:37:18,368 TRACE [org.jboss.security] (default task-4) PBOX00222: getAppConfigurationEntry(mysecdomain), no entry found, trying parent config null
2016-04-27 03:37:18,368 TRACE [org.jboss.security] (default task-4) PBOX00223: getAppConfigurationEntry(mysecdomain), no entry in parent config, trying default other
2016-04-27 03:37:18,368 TRACE [org.jboss.security] (default task-4) PBOX00224: End getAppConfigurationEntry(mysecdomain), AuthInfo: AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.ClientLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
2016-04-27 03:37:18,374 DEBUG [org.jboss.security] (default task-4) PBOX00350: Module option: jboss.security.security_domain, value: other
2016-04-27 03:37:18,374 DEBUG [org.jboss.security] (default task-4) PBOX00350: Module option: restore-login-identity, value: null
2016-04-27 03:37:18,374 DEBUG [org.jboss.security] (default task-4) PBOX00350: Module option: password-stacking, value: null
2016-04-27 03:37:18,376 TRACE [org.jboss.security] (default task-4) PBOX00240: Begin login method
2016-04-27 03:37:18,387 TRACE [org.jboss.security] (default task-4) PBOX00351: Obtained auth info from handler, principal: xxxxx, credential class: class [C
2016-04-27 03:37:18,388 TRACE [org.jboss.security] (default task-4) PBOX00241: End login method, isValid: true
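2016-04-27 03:37:18,388 TRACE [org.jboss.security] (default task-4) PBOX00242: Begin commit method, overall result: true
So obviously I'm doing something wrong, but I can't figure out what. The code above worked fine with JBoss 4.2.1 and an application policy defined in login-config.xml, but now it doesn't.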
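Posted on 2016-04-28 14:51:00
Found the solution: in the newer Spring Security (version 4.0.4 here), you need to add the following property to the JaasConfigurationProvider, otherwise the already loaded configuration (the security domains) is removed and replaced with the picketbox default configuration:
<property name="refreshConfigurationOnStartup" value="false"/>
Now it works like a charm, and the provider can see all of the defined security domains.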
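An added diagnostic, not part of the original posts: a small Java check that asks the active JAAS Configuration which login modules a context name resolves to and flags the fallback to org.jboss.security.ClientLoginModule seen in the trace above. The class JaasDomainCheck, its methods, the sample Configuration used in main, the "typo-domain" name and the LdapExtLoginModule class name are constructed for illustration; inside a deployment you would call fellBack("mysecdomain") against the container's own Configuration instead.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.Configuration;

public class JaasDomainCheck {
    // Module the server.log trace shows when the lookup falls back to "other".
    static final String FALLBACK = "org.jboss.security.ClientLoginModule";

    // Login module classes the active JAAS Configuration resolves for a context name.
    static List<String> modulesFor(String contextName) {
        List<String> names = new ArrayList<>();
        AppConfigurationEntry[] entries =
                Configuration.getConfiguration().getAppConfigurationEntry(contextName);
        if (entries != null) {
            for (AppConfigurationEntry e : entries) {
                names.add(e.getLoginModuleName());
            }
        }
        return names;
    }

    // True when nothing resolves or every resolved module is the fallback.
    static boolean fellBack(String contextName) {
        List<String> names = modulesFor(contextName);
        return names.isEmpty() || names.stream().allMatch(FALLBACK::equals);
    }

    // Constructed stand-in for the container's Configuration: one known domain,
    // every other name falls through to the default entry, as in the trace.
    static Configuration sample(String knownDomain, String moduleClass) {
        return new Configuration() {
            @Override
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                String cls = name.equals(knownDomain) ? moduleClass : FALLBACK;
                return new AppConfigurationEntry[] {
                    new AppConfigurationEntry(cls, LoginModuleControlFlag.REQUIRED,
                            Collections.<String, Object>emptyMap())
                };
            }
        };
    }

    public static void main(String[] args) {
        // Constructed sample data, not taken from a real server.
        Configuration.setConfiguration(
                sample("mysecdomain", "org.jboss.security.auth.spi.LdapExtLoginModule"));
        for (String domain : new String[] {"mysecdomain", "typo-domain"}) {
            System.out.println(domain + " -> " + modulesFor(domain)
                    + (fellBack(domain) ? "  FALLBACK: domain not visible" : "  ok"));
        }
    }
}
```

Running such a check at application startup turns a silent fallback into a visible failure, rather than leaving it to be found in TRACE logs after logins already report isValid: true.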
https://stackoverflow.com/questions/36905276